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2a)[3 This action is FINAL. 2b)D This action is non-final. 
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closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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DETAILED ACTION 

Response to Amendment 

1 . The following is a response to the amendments filed on 9/29/2005. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102(e) that form 
the basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claims 1-25 are rejected under 35 U.S.C. 102(e) as being anticipated by Strahm et al 
(U.S 5732214), hereinafter referred to as Strahm. 

Re claims 1,15, and 24, Strahm discloses Control Element (CE, figure 2, element 
206, source agent) sending the packet, encrypted in tunnel mode (the tunnel being 
configured by said source agent, paragraph [0032], lines 1-2) and Classifying Forwarding 
Element (CFE, figure 2, element 202, an endpoint of a tunnel) classifying the packet by 
checking if the packet is received from the same traffic stream or the security Association 
(SA) as previously received packets Classifying Forwarding Element (CFE, figure 2, 
element 202, an endpoint of a tunnel) (authentication logic configured to receive packets 
sent from a source agent to an endpoint of a tunnel and to determine whether a SA of a 
packet received corresponds to said source agent, paragraph [0032], lines 5-1 1). 
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Strahm discloses routing Internet Protocol security (IPsec) traffic based on the 
classification parameter (abstract, making a routing decision for each authenticated 
packet that is constrained based on the SA of the authenticated packet). Classification 
parameters include IPsec Security Parameter Index (SPI) information that is uniquely 
associated with a SA. Strahm discloses the CFE classifying the traffic it receives from 
the network for transmission to a destination, wherein this classifying involves load 
balancing and route optimization (paragraphs [0008] and [0009]). (selecting a routing 
destination for each authenticated packet, and routing the packet based on said routing 
decision, abstract, lines 1-5). 

Re claim 2, Strahm discloses selecting the routing destination based on routing 
decision (paragraph [0009], lines 1-2). 

Re claims 3, 16, and 25, Strahm discloses Decrypting Forwarding Element (DFE) 
decrypting the received packet using the encryption or keys included in the S A 
(decapsulate received packets while SA of the packet is preserved, paragraph [0036], 
lines 1-5) and forwarding the packet to its next stop (contents of a payload of an 
authentication packet are routed to the selected routing destination, paragraph [0031], 
lines 1-9). 

Re claims 4 and 17, Strahm discloses processing Internet Protocol security (IPsec) 
traffic (abstract). 

Re claim 5, Strahm discloses public IPsec protocol (paragraph [0002]). 
Re claim 6, Strahm discloses communication with private network (paragraph 
[0027]). 
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Re claims 7, 8, 18 and 19, Strahm discloses routing or forwarding a packet to 
layer 3 device, router (paragraph [0031], lines 4-9). 

Re claims 9, 10, 20 and 21, Strahm discloses forwarding a packet to layer 2 
device, switch (paragraph [0031], lines 4-9). 

Re claims 1 1 and 22, Strahm discloses a switch forwarding network traffic based 
on information included in the second layer of OSI networking model and discloses 
sending a packet in a tunnel mode through a virtual private network gateway. 

Re claims 12 and 23, Strahm discloses a data layer link device forwarding 
network traffic based on information included in the second layer of OSI networking 
model (paragraph [0024], lines 9-12). 

Re claims 13 and 14, Strahm discloses making routing decision based on Security 
Parameter Index (SPI, authentication ID) associated with a S A (making routing decision 
without regard to the contents of a payloadof the packet, figure lb; paragraph [0010], 
lines 1-7). 



Response to Arguments 



4. Applicant's arguments filed on 9/29/05 have been fully considered but they are not 
persuasive. 

On pages 1 1 and 14 the Applicant argues that Strahm's CFE does not make a 
routing decision based on the security association of the authenticated packet. The 



Application/Control Number: 09/846,407 Page 5 

Art Unit: 2662 

Examiner respectfully disagrees. Strahm discloses route optimization that involves 
making a routing decision for each authenticated packet (paragraph [0009]). 

On page 12 the Applicant argues that Strahm 's system does not use any address in 
a security association to make a routing decision. The Examiner respectfully disagrees. 
Strahm discloses security association including destination address that should be used 
for routing as known in the art. Indeed the argument seems misplaced since the features 
upon which applicant relies (i.e., using any address in a security association to make a 
routing decision) are not recited in the rejected claim(s). 

Therefore, the Examiner concludes that the rejection of claims 1-25 stands. 

Allowable Subject Matter 

5. Claims 26-30 are allowable. 

The following is an examiner's statement for reasons for allowance. 

6. Claim 26 is allowable over the prior art of record since the cited references taken 
individually or in combination fail to particularly teach or fairly suggest a method for 
routing a packet by receiving a packet at a tunnel endpoint authenticating the packet, 
preserving a SA of the packet as an authentication ID, and making routing determination 
for routing contents of the packet by looking up the authentication ID in a table to 
determine a destination IP address to which the packet is to be routed. 
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Conclusion 

7. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of the 
advisory action. In no, however, event will the statutory period for reply expire later than 
SIX MONTHS from the mailing date of this final action. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Hong Cho whose telephone number is 571-272-3087. 
The examiner can normally be reached on Mon-Fri during 7 am to 4 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Hassan Kizou can be reached on 571-272-3088. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-3088. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 



lie 



Hong Cho 
Patent Examiner 
10/7/2005 




JOHN PEZZLO 
PRIMARY EXAMINER 



